upstream unicorn_<%= fetch(:nginx_config_name) %> {
<% if fetch(:unicorn_use_tcp) %>
  <% roles(:app).each do |role| %>
    server <%= role.hostname %>:<%= fetch(:unicorn_tcp_listen_port)%> fail_timeout=0;
  <% end %>
<% else %>
  server unix:/tmp/unicorn.<%= fetch(:nginx_config_name) %>.sock fail_timeout=0;
<% end %>
}

<% if fetch(:nginx_use_ssl) %>
server {
  listen 80;
  server_name <%= fetch(:nginx_server_name) %>;
  rewrite ^(.*) https://$host$1 permanent;
}
<% end %>

server {
<% if fetch(:nginx_use_ssl) %>
  <% if fetch(:nginx_use_spdy) %>
  listen 443 spdy;
  <% else %>
  listen 443;
  <% end %>
  ssl on;
  ssl_certificate <%= nginx_ssl_cert_file %>;
  ssl_certificate_key <%= nginx_ssl_cert_key_file %>;
<% else %>
  listen 80;
<% end %>

  client_max_body_size 4G;
  keepalive_timeout 10;

  error_page 500 502 504 /500.html;
  error_page 503 @503;

  server_name <%= fetch(:nginx_server_name) %>;
  root <%= current_path %>/public;
  try_files $uri/index.html $uri @unicorn_<%= fetch(:nginx_config_name) %>;

  location @unicorn_<%= fetch(:nginx_config_name) %> {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect off;
<% if fetch(:nginx_use_ssl) %>
    proxy_set_header X-Forwarded-Proto https;
<% end %>
    proxy_pass http://unicorn_<%= fetch(:nginx_config_name) %>;
    # limit_req zone=one;
    access_log <%= nginx_access_log_file %>;
    error_log <%= nginx_error_log_file %>;
  }

  location ^~ /assets/ {
    expires max;
    add_header Cache-Control public;
  }

  location = /50x.html {
    root html;
  }

  location = /404.html {
    root html;
  }

  location @503 {
    error_page 405 = /system/maintenance.html;
    if (-f $document_root/system/maintenance.html) {
      rewrite ^(.*)$ /system/maintenance.html break;
    }
    rewrite ^(.*)$ /503.html break;
  }

  if ($request_method !~ ^(GET|HEAD|PUT|PATCH|POST|DELETE|OPTIONS)$ ){
    return 405;
  }

  if (-f $document_root/system/maintenance.html) {
    return 503;
  }

}
